<?php

include('../../include/functions.inc.php');
include('../../include/inputbuilder.inc.php');

if (!isEmpty(getParam('operation'))) {
    switch (getParam('operation')) {
        case 's':
            save($db);
            break;
        case 'u':
            update($db);
            break;
        case 'd':
            delete($db);
            break;
    }
}

function save($db) {
    $pass = md5(getParam('PASSWORD'));
    $db->query_insert('cllg_user', array(
        'USER_NAME' => sqlValue(getParam('USER_NAME'), 'text'),
        'FIRST_NAME' => sqlValue(getParam('FIRST_NAME'), 'text'),
        'LAST_NAME' => sqlValue(getParam('LAST_NAME'), 'text'),
        'PASSWORD' => sqlValue($pass, 'text'),
        'STATUS' => sqlValue(getParam('STATUS'), 'int'),
        'FK_ENTITY' => sqlValue(getParam('FK_ENTITY'), 'int'),
        'FK_PERFIL' => sqlValue(getParam('FK_PERFIL'), 'int'),
        'AUTORIZA' => sqlValue(getParam('AUTORIZA'), 'int')));
    echo 'SAVED';
}

function update($db) {
    $where = "USER_NAME=" . sqlValue(getParam('USER_NAME'), 'text');
    $pass = getParam("PASSWORD");
    if (getParam("NEWPASS") != NULL) {
        $pass = md5(getParam("NEWPASS"));
    }
    $db->query_update('cllg_user', array(
        'FIRST_NAME' => sqlValue(getParam('FIRST_NAME'), 'text'),
        'LAST_NAME' => sqlValue(getParam('LAST_NAME'), 'text'),
        'STATUS' => sqlValue(getParam('STATUS'), 'int'),
        'PASSWORD' => sqlValue($pass, 'text'),
        'FK_ENTITY' => sqlValue(getParam('FK_ENTITY'), 'int'),
        'FK_PERFIL' => sqlValue(getParam('FK_PERFIL'), 'int'),
        'AUTORIZA' => sqlValue(getParam('AUTORIZA'), 'int')), $where);
    echo 'UPDATED';
}

function delete($db) {
    $db->query_delete('cllg_user', "USER_NAME=" . sqlValue(getParam('USER_NAME'), 'text'));
    echo 'DELETED';
}

?>